Job Description
Head of Digital Security, Risk & Governance
Preston, Lancashire (On-site – 5 days per week)
£95,000 + Bonus + Company Car + Comprehensive Benefits
Lead Security, Risk & Governance for a Global Infrastructure Organisation
A major international infrastructure and engineering business is seeking an experienced Head of Digital Security, Risk & Governance to lead and evolve its enterprise-wide security, risk and governance capability.
This is a strategic leadership role with responsibility for protecting a complex, multi-region estate spanning thousands of employees, multiple operational sites and critical infrastructure environments across the UK and international markets. You'll own the security strategy, governance framework and risk posture, while leading a high-performing team across cyber security, security operations, identity & access management, compliance and digital trust.
The Opportunity
Reporting directly to the Digital Technology Director, you will lead a team of senior managers responsible for:
- Security Operations
- Cyber Security
- Identity & Access Management
- Governance, Risk & Compliance / Digital Trust
You will shape and develop a wider security function, providing strategic leadership across cyber security, operational resilience, risk management, assurance, privacy and regulatory compliance.
This is an opportunity to influence board-level decision making, partner with executive stakeholders and help build a world-class security function that supports ambitious business growth and transformation programmes.
Key Responsibilities
Security Strategy & Leadership
- Define and deliver the organisation's security, risk and governance strategy.
- Act as the senior advisor to executive leadership and board stakeholders on cyber, information and operational risk.
- Lead, mentor and develop a multidisciplinary security team.
- Drive a culture of accountability, continuous improvement and operational excellence.
- Represent the business with clients, regulators, auditors and industry partners.
Cyber Security & Operational Resilience
- Own security across cloud, infrastructure, networks, identity, endpoints and business applications.
- Oversee strategic relationships with managed security providers and security partners.
- Sponsor major incident response activities and crisis management.
- Drive improvements in threat detection, vulnerability management, security monitoring and response capabilities.
- Champion secure-by-design principles across technology delivery and engineering teams.
Governance, Risk & Compliance
- Lead enterprise security governance and assurance programmes.
- Maintain security policies, standards, control frameworks and risk registers.
- Oversee audit programmes, certifications and regulatory compliance activities.
- Ensure risks are effectively identified, assessed and managed.
- Drive continuous improvement across governance and control frameworks.
Identity, Digital Trust & Assurance
- Own identity governance and privileged access assurance.
- Lead supplier security, privacy, client assurance and regulatory readiness initiatives.
- Support major bids, tenders and customer assurance activities.
- Partner with Legal, HR, Procurement and Operational teams to strengthen security across the business.
What We're Looking For
Essential Experience
Proven experience in a senior security leadership role such as:
- Head of Security
- Head of Information Security
- Head of Cyber Security
- CISO
- Equivalent enterprise security leadership position
- Experience leading multidisciplinary security functions across operations, governance, risk, compliance and identity management.
Strong understanding of:
- ISO 27001
- ISO 27701
- ISO 22301
- NIST CSF
- NIS2
- Cyber Essentials Plus
- Experience managing managed SOC, MDR or major security service providers.
- Track record of leading major incident response and executive stakeholder engagement.
- Excellent communication skills with the ability to translate technical risks into business outcomes.
Desirable
- CISSP, CISM, CRISC, CISA or equivalent certifications.
- Experience within critical infrastructure, utilities, energy, telecommunications or similarly regulated environments.
- Exposure to M&A due diligence and integration activities.
- Experience with GRC platforms and enterprise governance tooling.
- Experience engaging with Boards, Audit Committees and regulatory bodies.
Why Apply?
This is a rare opportunity to join a growing, highly ambitious organisation where security is viewed as a strategic business enabler. You'll have genuine executive visibility, ownership of a significant security portfolio and the chance to shape the future direction of security, risk and governance across a large-scale international operation.
Preston (5 days per week on-site)
£95,000 Base Salary
Bonus Scheme
Company Car
Excellent Benefits Package
For a confidential discussion or to express interest, please apply directly or contact us for further information.
